GivingThanks
First Flight #28
Beginner FriendlyFoundry
100 EXP
View results
Previous Next
Submission Details
Severity: medium
Invalid

Inefficient On-Chain Metadata Storage

bbash

Summary

Storing extensive metadata on-chain can lead to high gas costs.

Vulnerability Details

The current metadata generation method can be costly due to on-chain storage requirements.

https://github.com/Cyfrin/2024-11-giving-thanks/blob/main/src/GivingThanks.sol#L35-L54

function _createTokenURI(address donor, uint256 date, uint256 amount) internal pure returns (string memory) {
// Create JSON metadata
string memory json = string(
abi.encodePacked(
'{"donor":"',
Strings.toHexString(uint160(donor), 20),
'","date":"',
Strings.toString(date),
'","amount":"',
Strings.toString(amount),
'"}'
)
);
// Encode in base64 using OpenZeppelin's Base64 library
string memory base64Json = Base64.encode(bytes(json));
// Return the data URL
return string(abi.encodePacked("data:application/json;base64,", base64Json));
}

The current metadata generation method can be costly due to on-chain storage requirements.

Impact

Higher gas costs for users minting NFTs could discourage donations and increase operational costs.

Tools Used

Manual Review

Recommendations

Consider off-chain storage solutions, such as IPFS, or refine the metadata structure to only include essential information, reducing on-chain data usage.

Updates

Lead Judging Commences

n0kto Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.